sh-remover.exe

MD5:
a262549891b7371f3498ad61728298b3

SHA-1:
b86efb8c90baeb4c08014cb1e8bad89a062b9e4f

SHA-256:
7f452ed7f76e37b8d453c72705937974d843b10a456cc3c85bfed4cba76e85f5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 11:32:54 AM UTC

File size:
2.9 MB (3,035,976 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\sh-remover.exe

File PE Metadata
Compilation timestamp:
11/18/2014 9:58:43 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:pe36Ghx8Jc11cvgIcA7woaOav6S8fOjnTTgeGR2M48JXFpJNW+o3A2fTt:pFGhXcvgdkwDOaSScFzYM48JJM+o3AkR

Entry address:
0x126F31

Entry point:
C7, 01, 38, 07, 74, 04, 33, C0, EB, 02, 8B, C7, FC, 5F, C9, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, FF, 75, 0C, 8D, 4D, F0, E8, 52, D7, FF, FF, 8B, 45, F0, 83, B8, AC, 00, 00, 00, 01, 7E, 16, 8D, 45, F0, 50, 68, 03, 01, 00, 00, FF, 75, 08, E8, 42, DE, 00, 00, 83, C4, 0C, EB, 12, 8B, 80, C8, 00, 00, 00, 8B, 4D, 08, 0F, B7, 04, 48, 25, 03, 01, 00, 00, 80, 7D, FC, 00, 74, 07, 8B, 4D, F8, 83, 61, 70, FD, C9, C3, 8B, FF, 55, 8B, EC, 83, 3D, B8, 3C, 5E, 00, 00, 75, 14, 8B, 45, 08, 8B, 0D, 38, 8F, 5D, 00, 0F, B7, 04...
 

Entropy:
6.9938

Code size:
1.5 MB (1,625,088 bytes)

The file sh-remover.exe has been seen being distributed by the following URL.
